2

我有一个使用带有数据库登录的弹簧安全性的球衣(休息)弹簧应用程序。我让它重定向到登录页面,一旦我输入有效的用户名和密码,它就会重定向回登录页面。

我是否需要编写其他代码和/或我的配置不正确。

谢谢!

弹簧安全.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"

  xmlns:beans="http://www.springframework.org/schema/beans"

  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

  xsi:schemaLocation="http://www.springframework.org/schema/beans

           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

           http://www.springframework.org/schema/security

           http://www.springframework.org/schema/security/spring-security-3.1.xsd">



    <http pattern="/images/**" security="none"/>

    <http pattern="/css/**" security="none"/>

    <http pattern="/static.css" security="none"/>



    <http auto-config="true" disable-url-rewriting="true">

         <intercept-url pattern="/login-page.html" access="ROLE_ANONYMOUS"/>

        <intercept-url pattern="/**" access="ROLE_USER" />

        <form-login login-page='/login-page.html'

        login-processing-url="/j_spring_security_check.action" 

        default-target-url="/static-page.html" />

    </http>





    <authentication-manager>

        <authentication-provider>

            <jdbc-user-service data-source-ref="dataSource"



                users-by-username-query="

                    select username,password, email 

                    from users where USERNAME=?" 



                authorities-by-username-query="

                    select u.username, ur.authority from users u, roles ur 

                    where u.username = ur.username and u.username =?  " 



            />

        </authentication-provider>

    </authentication-manager>



</beans:beans>

web.xml

<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"

    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

    <context-param>

        <param-name>contextConfigLocation</param-name>

        <param-value>classpath:server-context.xml, classpath:spring-security.xml</param-value>

    </context-param>

    <listener>

        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>

    </listener>

    <listener>

        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

    </listener>

    <servlet>

        <servlet-name>jersey-servlet</servlet-name>

        <servlet-class>

            com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>

        <init-param>

            <param-name>com.sun.jersey.config.property.packages</param-name>

            <param-value>service.admin</param-value>

        </init-param>

        <init-param>

            <param-name>com.sun.jersey.api.json.POJOMappingFeature</param-name>

            <param-value>true</param-value>

        </init-param>

        <load-on-startup>1</load-on-startup>

    </servlet>

    <servlet-mapping>

        <servlet-name>jersey-servlet</servlet-name>

        <url-pattern>/sample/*</url-pattern>

    </servlet-mapping>

    <filter>

        <filter-name>springSecurityFilterChain</filter-name>

        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

    </filter>



    <filter-mapping>

        <filter-name>springSecurityFilterChain</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>

</web-app>

parital dao application-context.xml 显示创建的数据源

      ...
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">

    <property name="driverClassName" value="com.mysql.jdbc.Driver" />

    <property name="url" value="jdbc:mysql://localhost:3306/sample" />

    <property name="username" value="root" />

    <property name="password" value="password" />

</bean>

      ...

记录消息 - 在我尝试登录后

[...web.util.AntPathRequestMatcher] Checking match of request : '/j_spring_security_check'; against '/images/**' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/j_spring_security_check'; against '/css/**' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/j_spring_security_check'; against '/static.css' 
    [...web.FilterChainProxy] /j_spring_security_check at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 
    [...web.context.HttpSessionSecurityContextRepository] HttpSession returned null object for SPRING_SECURITY_CONTEXT 
    [...web.context.HttpSessionSecurityContextRepository] No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@466481eb. A new one will be created. 
    [...web.FilterChainProxy] /j_spring_security_check at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 
    [...web.savedrequest.DefaultSavedRequest] pathInfo: both null (property equals) 
    [...web.savedrequest.DefaultSavedRequest] queryString: both null (property equals) 
    [...web.savedrequest.DefaultSavedRequest] requestURI: arg1=/sample/; arg2=/sample/j_spring_security_check (property not equals) 
    [...web.savedrequest.HttpSessionRequestCache] saved request doesn't match 
    [...web.FilterChainProxy] /j_spring_security_check at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 
    [...web.authentication.AnonymousAuthenticationFilter] Populated SecurityContextHolder with anonymous token: '...authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: ...web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 37AD1209E0F0EC148C607B42933758BF; Granted Authorities: ROLE_ANONYMOUS' 
    [...web.FilterChainProxy] /j_spring_security_check at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/j_spring_security_check'; against '/login-page.html' 
    [...web.access.intercept.FilterSecurityInterceptor] Secure object: FilterInvocation: URL: /j_spring_security_check; Attributes: [ROLE_USER] 
    [...web.access.intercept.FilterSecurityInterceptor] Previously Authenticated: ...authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: ...web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 37AD1209E0F0EC148C607B42933758BF; Granted Authorities: ROLE_ANONYMOUS 
    [...access.vote.AffirmativeBased] Voter: ...access.vote.RoleVoter@52c51614, returned: -1 
    [...access.vote.AffirmativeBased] Voter: ...access.vote.AuthenticatedVoter@175023d2, returned: 0 
    [...web.access.ExceptionTranslationFilter] Access is denied (user is anonymous); redirecting to authentication entry point 
...access.AccessDeniedException: Access is denied
    at ...access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
    at ...access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:205)
    at ...web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:114)
    at ...web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
    at ...web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
    at ...web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:307)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
    at java.lang.Thread.run(Thread.java:662)
    [...web.savedrequest.HttpSessionRequestCache] DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/sample/j_spring_security_check] 
    [...web.access.ExceptionTranslationFilter] Calling Authentication entry point. 
    [...web.DefaultRedirectStrategy] Redirecting to 'http://localhost:8080/sample/login-page.html' 
    [...web.context.HttpSessionSecurityContextRepository] SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession. 
    [...web.context.SecurityContextPersistenceFilter] SecurityContextHolder now cleared, as request processing completed 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/login-page.html'; against '/images/**' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/login-page.html'; against '/css/**' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/login-page.html'; against '/static.css' 
    [...web.FilterChainProxy] /login-page.html at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 
    [...web.context.HttpSessionSecurityContextRepository] HttpSession returned null object for SPRING_SECURITY_CONTEXT 
    [...web.context.HttpSessionSecurityContextRepository] No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@466481eb. A new one will be created. 
    [...web.FilterChainProxy] /login-page.html at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter' 
    [...web.FilterChainProxy] /login-page.html at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' 
    [...web.FilterChainProxy] /login-page.html at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter' 
    [...web.FilterChainProxy] /login-page.html at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 
    [...web.savedrequest.DefaultSavedRequest] pathInfo: both null (property equals) 
    [...web.savedrequest.DefaultSavedRequest] queryString: both null (property equals) 
    [...web.savedrequest.DefaultSavedRequest] requestURI: arg1=/sample/j_spring_security_check; arg2=/sample/login-page.html (property not equals) 
    [...web.savedrequest.HttpSessionRequestCache] saved request doesn't match 
    [...web.FilterChainProxy] /login-page.html at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 
    [...web.FilterChainProxy] /login-page.html at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 
    [...web.authentication.AnonymousAuthenticationFilter] Populated SecurityContextHolder with anonymous token: '...authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: ...web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 37AD1209E0F0EC148C607B42933758BF; Granted Authorities: ROLE_ANONYMOUS' 
    [...web.FilterChainProxy] /login-page.html at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter' 
    [...web.FilterChainProxy] /login-page.html at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 
    [...web.FilterChainProxy] /login-page.html at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/login-page.html'; against '/login-page.html' 
    [...web.access.intercept.FilterSecurityInterceptor] Secure object: FilterInvocation: URL: /login-page.html; Attributes: [ROLE_ANONYMOUS] 
    [...web.access.intercept.FilterSecurityInterceptor] Previously Authenticated: ...authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: ...web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 37AD1209E0F0EC148C607B42933758BF; Granted Authorities: ROLE_ANONYMOUS 
    [...access.vote.AffirmativeBased] Voter: ...access.vote.RoleVoter@52c51614, returned: 1 
    [...web.access.intercept.FilterSecurityInterceptor] Authorization successful 
    [...web.access.intercept.FilterSecurityInterceptor] RunAsManager did not change Authentication object 
    [...web.FilterChainProxy] /login-page.html reached end of additional filter chain; proceeding with original chain 
    [...web.access.ExceptionTranslationFilter] Chain processed normally 
    [...web.context.HttpSessionSecurityContextRepository] SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession. 
    [...web.context.SecurityContextPersistenceFilter] SecurityContextHolder now cleared, as request processing completed 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/j_spring_security_check'; against '/images/**' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/j_spring_security_check'; against '/css/**' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/j_spring_security_check'; against '/static.css' 
    [...web.FilterChainProxy] /j_spring_security_check at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 
    [...web.context.HttpSessionSecurityContextRepository] HttpSession returned null object for SPRING_SECURITY_CONTEXT 
    [...web.context.HttpSessionSecurityContextRepository] No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@466481eb. A new one will be created. 
    [...web.FilterChainProxy] /j_spring_security_check at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 
    [...web.savedrequest.DefaultSavedRequest] pathInfo: both null (property equals) 
    [...web.savedrequest.DefaultSavedRequest] queryString: both null (property equals) 
    [...web.savedrequest.DefaultSavedRequest] requestURI: arg1=/sample/; arg2=/sample/j_spring_security_check (property not equals) 
    [...web.savedrequest.HttpSessionRequestCache] saved request doesn't match 
    [...web.FilterChainProxy] /j_spring_security_check at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 
    [...web.authentication.AnonymousAuthenticationFilter] Populated SecurityContextHolder with anonymous token: '...authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: ...web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 37AD1209E0F0EC148C607B42933758BF; Granted Authorities: ROLE_ANONYMOUS' 
    [...web.FilterChainProxy] /j_spring_security_check at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 
    [...web.FilterChainProxy] /j_spring_security_check at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/j_spring_security_check'; against '/login-page.html' 
    [...web.access.intercept.FilterSecurityInterceptor] Secure object: FilterInvocation: URL: /j_spring_security_check; Attributes: [ROLE_USER] 
    [...web.access.intercept.FilterSecurityInterceptor] Previously Authenticated: ...authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: ...web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 37AD1209E0F0EC148C607B42933758BF; Granted Authorities: ROLE_ANONYMOUS 
    [...access.vote.AffirmativeBased] Voter: ...access.vote.RoleVoter@52c51614, returned: -1 
    [...access.vote.AffirmativeBased] Voter: ...access.vote.AuthenticatedVoter@175023d2, returned: 0 
    [...web.access.ExceptionTranslationFilter] Access is denied (user is anonymous); redirecting to authentication entry point 
...access.AccessDeniedException: Access is denied
    ...(removed full stack trace) 
    [...web.savedrequest.HttpSessionRequestCache] DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/sample/j_spring_security_check] 
    [...web.access.ExceptionTranslationFilter] Calling Authentication entry point. 
    [...web.DefaultRedirectStrategy] Redirecting to 'http://localhost:8080/sample/login-page.html' 
    [...web.context.HttpSessionSecurityContextRepository] SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession. 
    [...web.context.SecurityContextPersistenceFilter] SecurityContextHolder now cleared, as request processing completed 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/login-page.html'; against '/images/**' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/login-page.html'; against '/css/**' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/login-page.html'; against '/static.css' 
    [...web.FilterChainProxy] /login-page.html at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 
    [...web.context.HttpSessionSecurityContextRepository] HttpSession returned null object for SPRING_SECURITY_CONTEXT 
    [...web.context.HttpSessionSecurityContextRepository] No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@466481eb. A new one will be created. 
    [...web.FilterChainProxy] /login-page.html at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter' 
    [...web.FilterChainProxy] /login-page.html at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' 
    [...web.FilterChainProxy] /login-page.html at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter' 
    [...web.FilterChainProxy] /login-page.html at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 
    [...web.savedrequest.DefaultSavedRequest] pathInfo: both null (property equals) 
    [...web.savedrequest.DefaultSavedRequest] queryString: both null (property equals) 
    [...web.savedrequest.DefaultSavedRequest] requestURI: arg1=/sample/j_spring_security_check; arg2=/sample/login-page.html (property not equals) 
    [...web.savedrequest.HttpSessionRequestCache] saved request doesn't match 
    [...web.FilterChainProxy] /login-page.html at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 
    [...web.FilterChainProxy] /login-page.html at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 
    [...web.authentication.AnonymousAuthenticationFilter] Populated SecurityContextHolder with anonymous token: '...authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: ...web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 37AD1209E0F0EC148C607B42933758BF; Granted Authorities: ROLE_ANONYMOUS' 
    [...web.FilterChainProxy] /login-page.html at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter' 
    [...web.FilterChainProxy] /login-page.html at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 
    [...web.FilterChainProxy] /login-page.html at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 
    [...web.util.AntPathRequestMatcher] Checking match of request : '/login-page.html'; against '/login-page.html' 
    [...web.access.intercept.FilterSecurityInterceptor] Secure object: FilterInvocation: URL: /login-page.html; Attributes: [ROLE_ANONYMOUS] 
    [...web.access.intercept.FilterSecurityInterceptor] Previously Authenticated: ...authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: ...web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 37AD1209E0F0EC148C607B42933758BF; Granted Authorities: ROLE_ANONYMOUS 
    [...access.vote.AffirmativeBased] Voter: ...access.vote.RoleVoter@52c51614, returned: 1 
    [...web.access.intercept.FilterSecurityInterceptor] Authorization successful 
    [...web.access.intercept.FilterSecurityInterceptor] RunAsManager did not change Authentication object 
    [...web.FilterChainProxy] /login-page.html reached end of additional filter chain; proceeding with original chain 
    [...web.access.ExceptionTranslationFilter] Chain processed normally 
    [...web.context.HttpSessionSecurityContextRepository] SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession. 
    [...web.context.SecurityContextPersistenceFilter] SecurityContextHolder now cleared, as request processing completed 
4

1 回答 1

3

您尝试使用/j_spring_security_check发送身份验证,但在您的配置中声明:

login-processing-url="/j_spring_security_check.action"

该 url 未被截获,因此您无法登录。

于 2012-05-03T08:55:30.603 回答